Migrate authentication from version 100.x to version 200.x
Use the information in this topic to migrate authentication code and programming patterns implemented in your existing ArcGIS Runtime SDK for Android (100.x) applications to the ArcGIS Maps SDK for Kotlin (200.x). There are two approaches to handling authentication:
Default authentication handling. If you developed applications that adopted the default authentication challenge handler, offered by the ArcGIS Runtime SDK for Android (100.x), see the Default handling of authentication challenges section.
Custom authentication handling. If you developed your own custom authentication challenge handlers, using the ArcGIS Runtime SDK for Android, see the specific migration steps in the authentication manager, authentication challenge handlers and credentials sections.
Default handling of authentication challenges
When you built an application with ArcGIS Runtime SDK for Android (100.x) that accessed secured resources, the API used a default challenge handler that automatically displayed a login UI to the user. This UI presented information about the challenge as well as the appropriate options, such as username and password inputs. This default handler and UI are not yet available with the ArcGIS Maps SDK for Kotlin. A default Authenticator component that can handle the authentication challenges and provide UI will be available in an upcoming release.
With this version of the ArcGIS Maps SDK for Kotlin, you must set up an ArcGISAuthenticationChallengeHandler and NetworkAuthenticationChallengeHandler to capture the authentication challenges. Write your own code to present a UI with login prompts, certificate selection prompts, or server trust prompts. Use the response to create an appropriate credential so that the application can continue with the challenge. For more information, see Handle authentication challenges in the security and authentication topic.
Access to secured resources is managed using the authentication manager. With the ArcGIS Maps SDK for Kotlin, you can obtain this directly from the ArcGISEnvironment.
ArcGIS and network authentication challenges were previously handled using a single AuthenticationChallengeHandler. With ArcGIS Maps SDK for Kotlin, you must create separate authentication challenge handlers that respond to any ArcGISAuthenticationChallenge or NetworkAuthenticationChallenge. Set the ArcGIS and network authentication challenge handlers on the AuthenticationManager.
ArcGIS Runtime SDK for Android handled a variety of credentials using the Credential and OAuthConfiguration classes. ArcGIS Maps SDK for Kotlin uses a range of specialized credential types to match the ArcGIS credentials (OAuthUserCredential, TokenCredential, and PregeneratedTokenCredential) and network credentials (CertificateCredential and PasswordCredential). You can write code in an authentication challenge handler to prompt the user for credential information, create a credential, and use it to continue with the challenge. This credential will be placed in the store and used by future requests coming from the same source.
You can also create ArcGIS credentials preemptively and store them in ArcGISCredentialStore.
OAuth
In your ArcGIS Maps SDK for Kotlin application, use OAuthUserCredential to handle OAuth authentication challenges. Previously, these challenges were handled by adding an OAuth user configuration to the authentication manager.
Previously, you could avoid server trust challenges using the methods AuthenticationManager.setTrustAllSigners and AuthenticationManager.setSelfSignedCertificateListener. With the ArcGIS Maps SDK for Kotlin, there is no direct replacement for these methods. You now create ServerTrust to handle server trust challenges. If you handle a trust challenge with a credential, it will be placed in the store and used by future trust challenges.
ArcGIS and network credentials were previously held in a single AGSCredentialCache. With ArcGIS Maps SDK for Kotlin, the authentication manager has separate credential stores that exist for the lifetime of the application. These are ArcGISCredentialStore and NetworkCredentialStore.
Previously, you could create and set a credential preemptively on a specific object. With ArcGIS Maps SDK for Kotlin, you must add the credential to the store before any secure resources are loaded.